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DETAILED ACTION 

RESPONSE TO ARGUMENTS 

Applicant's arguments, see arguments/remarks, filed 7/29/08, with respect to the rejection(s) of 
claim(s) 1 , 12, and 20 under 35 USC 103(a) have been fully considered and are persuasive. Therefore, 
the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is 
made in view of Reinert et al., US Patent No. 6347375. 

Applicant's arguments filed 7/29/08 in regards to claim 27 have been fully considered but they are 
not persuasive. Said claim rejection is addressed below. 

CLAIMS PRESENTED 

Claims 1-30 are presented. 



CLAIM REJ2CTIONS 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

(e) the invention was described in (1 ) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1-6, 9-16, 20-25, and 28-29 are rejected under 35 U.S.C. 102(b) as 



being anticipated by Reinert. 
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As per claim 1, 12, 20, Reinert teaches: 

A method, comprising: 

initializing a virus scanner during a pre-boot phase of a computer system; 
[see col. 7, lines 46-59] 

scrubbing data read from an input/output (I/O) device of the computer system by the virus scanner using 
a virus signature database before the data is loaded, wherein the virus signature database is stored in a 
place not exposed to the operating system and is updated during the pre-boot phase; and 

[see col. 8, lines 20-45, wherein the virus signature file is downloaded and stored in the 
computers local memory, away from the hard disk and not exposed to the operating system]] 
enacting a platform policy if a virus is detected in the data. 
[see col. 8, lines 46-60] 

As per claim 2, Reinert teaches: 

The method of claim 1 , further comprising scrubbing contents of a memory device of the computer system 
during the pre-boot phase by the virus scanner. 
[see col. 8, lines 24-32] 

As per claim 3, 13, Reinert teaches: 

The method of claim 1 , further comprising updating the virus signature database with updated virus 
signatures. 

[see col. 8, lines 33-35]] 

As per claim 4, Reinert teaches: 

The method of claim 3 wherein the virus signature database is updated during the pre-boot phase. 
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[see col. 7, lines 60-67 and col. 8, lines 1-19, wherein control of the computer is transferred to the 
remote computer prior to loading of the operating system and the remote computer keeps the 
virus signature file up to date] 

As per claim 5, 14, Reinert teaches: 

The method of claim 1 wherein the virus signature database is not exposed to an operating system 
executing on the computer system. 
[see rejection of claim 1] 

As per claim 6, 22, Reinert teaches: 

The method of claim 5 wherein the virus signature database is stored in a firmware-reserved area. 
[see rejection of claim 1, wherein the virus signature file is stored in the local memory] 

As per claim 9, 15, 24, 28, Reinert teaches: 

The method of claim 1 wherein the virus scanner is operable during the pre-boot phase, an operating 
system (OS) runtime phase, and an after-life phase of the computer system independent of an operating 
system of the computer system. 
[see col. 7, lines 27-45] 

As per claim 10, 16, 25, 29, Reinert teaches: 

The method of claim 1 wherein the virus scanner scrubs the data without having knowledge of a file 
system of the data. 

[see col. 8, lines 30-35] 



As per claim 11, Reinert teaches: 
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The method of claim 1 , further comprising enacting the platform policy if the virus scanner detects non- 
normal behavior within the computer system. 
[see col. 8, lines 46-60] 

As per claim 21, Reinert teaches: 

The computer system of claim 20, further comprising a network interface operatively coupled to the 
processor, the virus scanner to scrub data read from the network interface using the virus signature 
database before the data is loaded in the memory device. 
[see col. 8, lines 61-67] 

As per claim 23, Reinert teaches: 

The system of claim 20 wherein execution of the firmware instructions further perform operations 
comprising updating the virus signature database with updated virus signatures downloaded from an 
external virus signature repository communicatively coupled to the computer system. 
[see col. 8, lines 20-25] 

Claim 27 is rejected under 35 U.S.C. 102(e) as being anticipated by Ho, US Patent 
No. 7188369. 

As per claim 27, Ho teaches: 

A computer system, comprising: 
a virtual machine monitor (VMM) to support at least one virtual machine (VM), each VM having a 
separate operating system; 

[see Ho reference, col. 5, lines 25-67] 

[see Ho reference, col. 5, lines 62-67, "cross-platform"] 
an input/output (I/O) device, the VMM to emulate an I/O controller for the I/O device; 

[see Ho reference, col. 1, lines 50-64] 
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a virus scanner within the VMM to scrub data read from the I/O device before the data is loaded; and 

[see Ho reference, col. 8, lines 24-32] 
a virus signature database to facilitate identification of a virus by the virus scanner. 

[see Ho reference, figure 2, element 201] 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 7-8 and 17-18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Reinert as applied to claim 1 above, and further in view of Ho, 
US Patent No. 7188369 

As per claim 7, 17: 

The Reinert reference has been discussed above. Reinert does not disclose: 
The method of claim 1 wherein the virus scanner is executing in a virtual machine monitor (VMM) 
executing on the computer system, the VMM supporting at least one virtual machine (VM) executing on 
the computer system, wherein the VM executes an operating system that is different from the VMM and 
the operating systems executed by other VMs. 

Ho teaches the above limitations not disclosed by Reinert. 
[see col. 5, lines 25-67] 

It would have been obvious to one of ordinary skill in the art at the time of the invention to modify the 
Reinert reference to incorporate executing the virus scanner on a virtual machine monitor as taught by Ho 
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because a VMM can be hosted and run as an application on top of a host operating system. Doing so 
would allow the virus scanner to execute without loading of the local computer's operating system. 

As per claim 8, 18, Reinert teaches: 

The method of claim 7 wherein scrubbing data read from the I/O device includes: receiving a request from 
a requester to read data from the I/O device, the requester in a VM of the at least one VM; loading at 
least a portion of the requested data into a buffer; scrubbing the at least a portion of the requested data 
with the virus scanner; returning an error signal to the requester if the virus scanner detects a virus in the 
at least a portion of the requested data; and forwarding the requested data to the requester if the virus 
scanner does not detect a virus in the at least a portion of the requested data. 
[see figure 3] 

Claims 19, 26, and 30 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Reinert as applied to claim 1 above, and further in view of Huntington et al., 
US Patent No. 6907524. 
As per claim 19, 26, 30: 

The Reinert and Reinert references have been discussed above. Reinert and Reinert are not explicit in 
teaching: 

"The article of manufacture of claim 12 wherein the plurality of instructions to operate in 

compliance an Extensible Firmware Interface (EFI) specification." 
Huntington teaches a firmware substantially in compliance with the Extensible Firmware Interface (EFI) 
specification (col. 1 , lines 51-55). It would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify the methods disclosed by Reinert and Reinert to include what is taught 
by Huntington. One would be motivated to do so in order to provide protection from viruses on computer 
systems that use an Extensible Firmware Interface (col. 1, lines 6-10). 
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POINTS OF CONTACT 

Any response to this Office Action should be faxed to (571 ) 273-8300 or mailed to: 

Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 

Hand-delivered responses should be brought to 

Customer Service Window 
Randolph Building 
401 Dulaney Street 
Alexandria, VA 22314 

*. Any inquiry concerning this communication or earlier communications from the examiner should 

be directed to Daniel L. Hoang whose telephone number is 571-270-1019. The examiner can normally 

be reached on Monday - Thursday, 8:00 a.m. - 5:00 p.m., EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 

Nasser Moazzami can be reached on 571-272-4195. The fax phone number for the organization where 

this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be 
obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

/Daniel L. Hoang/ 
Examiner, Art Unit 2136 



/Nasser G Moazzami/ 

Supervisory Patent Examiner, Art Unit 2136 



